sync: master to main #69
10 new alerts including 2 critical severity security vulnerabilities
New alerts in code changed by this pull request
Security Alerts:
- 2 critical
- 2 high
- 6 medium
Alerts not introduced by this pull request might have been detected because the code changes were too large.
See annotations below for details.
Annotations
Check failure on line 19505 in docs/assets/js/asciinema-player.js
Code scanning / CodeQL
Useless regular-expression character escape High documentation
Check failure on line 65 in packages/changelog/src/index.ts
Code scanning / CodeQL
Uncontrolled command line Critical
Check failure on line 80 in packages/changelog/src/index.ts
Code scanning / CodeQL
Uncontrolled command line Critical
Check failure on line 43 in packages/github-client/src/index.ts
Code scanning / CodeQL
Potential file system race condition High
Check warning on line 7 in datas.html
Code scanning / CodeQL
Inclusion of functionality from an untrusted source Medium
Check warning on line 8 in datas.html
Code scanning / CodeQL
Inclusion of functionality from an untrusted source Medium
Check warning on line 148 in docs/assets/js/asciinema-player.js
Code scanning / CodeQL
Missing origin verification in `postMessage` handler Medium documentation
Check warning on line 49 in docs/overrides/addons/base.html
Code scanning / CodeQL
Inclusion of functionality from an untrusted source Medium documentation
Check warning on line 51 in docs/overrides/addons/base.html
Code scanning / CodeQL
Inclusion of functionality from an untrusted source Medium documentation
Check warning on line 99 in packages/contributors-view/src/index.ts
Code scanning / CodeQL
Log injection Medium